32 Million Twitter account credentials offered for sale

A hacker is offering for sale more than 32 million Twitter account credentials with plans to sell the account details on the Dark Web.

Recent news of massive data breaches suffered by IT giants LinkedIn, MySpace, Tumblr, and VK.com shocked the security industry. Millions of login credentials are available for sale in the principal black markets, experts believe that the hacker behind the leaks is a Russian guy that now is claiming to be in possession of 32 Million Twitter Passwords and offered them in the criminal underground.

The alleged Russian hacker is attempting to sell 32 Million Twitter Passwords for 10 Bitcoins (over $5,800). Also in this case, I invite you to give a look to LeakedSource specialized in data breaches that indexes leaked login credentials from the stolen dumps.

“Twitter credentials are being traded in the tens of millions on the dark web. LeakedSource has obtained and added a copy of this data to its ever-growing searchable repository of leaked data. This data set was provided to us by a user who goes by the alias “Tessa88@exploit.im”, and has given us permission to name them in this blog.” reported LeakedSource.

The records include the username, an email address, sometimes a second email address, and plain-text passwords for more than 32 Million Twitter accounts.

Twitter promptly denied that the data come from a security breach suffered by the company.

We have investigated reports of Twitter usernames/passwords on the dark web, and we’re confident that our systems have not been breached.

According to LeakedSource, the data set contains 32,888,300 records, its experts believe that the data was obtained through a malware-based attack.

“We have very strong evidence that Twitter was not hacked, rather the consumer was. These credentials however are real and valid. Out of 15 users we asked, all 15 verified their passwords.” continues LeakedSource. “The explanation for this is that tens of millions of people have become infected by malware, and the malware sent every saved username and password from browsers like Chrome and Firefox back to the hackers from all websites including Twitter.”

Below the motivations provided by LeakedSource:

The join dates of some users with uncrackable (yet plaintext) passwords were recent. There is no way that Twitter stores passwords in plaintext in 2014 for example.

There was a very significant amount of users with the password “<blank>” and “null”. Some browsers store passwords as “<blank>” if you don’t enter a password when you save your credentials.

The top email domains don’t match up to a full database leak, more likely the malware was spread to Russians.

The unique certainly is that hackers are selling millions Twitter account credentials, also yours, don’t waste time and change your password on Twitter and also on all the other social media where you used same credentials.

Let’s close with a look to the top passwords used by Twitter.com, Opsss … once again ‘123456’ is the most popular.

Share On

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.